Before you configure the integration of vIDM with NSX-T, you must get the certificate thumbprint from the vIDM host.

You must use OpenSSL version 1.x or higher for the thumbprint. On the vIDM host, the command openssl runs an older OpenSSL version and therefore you must use the command openssl1 on the vIDM host. This command is only available from the vIDM host.

On a server that is not the vIDM host, you can use the openssl command that is running OpenSSL version 1.x or higher.

Procedure

  1. Log in at the vIDM host's console, or SSH to the vIDM host as the user sshuser, or log in to any server that can ping the vIDM host.
  2. Run one of the following commands to get the thumbprint of the vIDM host.
    • If you are logged in to the vIDM host, run the openssl1 command to get the thumbprint:
      openssl1 s_client -connect <FQDN of vIDM host>:443 < /dev/null 2> /dev/null | openssl x509 -sha256 -fingerprint -noout -in /dev/stdin

      If you get an error running the command, you might need to run openssl1 with the sudo command, that is, sudo openssl1 ....

    • If you are logged in to a server that can ping the vIDM host, run the openssl command to get the thumbprint:
      openssl s_client -connect <FQDN of vIDM host>:443 < /dev/null 2> /dev/null | openssl x509 -sha256 -fingerprint -noout -in /dev/stdin